Ads 468x60px

Labels

.

Sunday, 14 April 2013

difference between form authentication and windows authentication asp net

asp.net state management/session interview questions answer

ASP.NET has ways to Authenticate a user:
1) Forms Authentication :-
Form authentication is used for internet and intranet based application.
This is provided so that web pages can make use of the local Windows User and Groups .

Windows Authentication provider is the default authentication
provider for ASP.NET applications. When a user using this authentication
logs in to an application, the credentials are matched with the Windows
domain through IIS.

There are 4 types of Windows Authentication methods:
1) Anonymous Authentication - IIS allows any user
2) Basic Authentication - A windows username and password has to be sent across the network (in plain text format, hence not very secure).
3) Digest Authentication - Same as Basic Authentication, but the credentials are encrypted. Works only on IE 5 or above
4) Integrated Windows Authentication - Relies on Kerberos technology, with strong credential encryption

Forms Authentication - This authentication relies on code written by
a developer, where credentials are matched against a database.
Credentials are entered on web forms, and are matched with the database
table that contains the user information.

---------------------------------------------------------------------------------------------------------Authentication And AuthorizationAuthentication is the process of identification and validation of a user's credentials. After the identity is authenticated,a process called authorization determines whether that identity has access to a particular resource.ASP.NET provides three ways to authenticate a user:Forms authenticationWindows authenticationPassport authentication